Firefox Releases version 3.0.7

Published: 2009-03-04
Last Updated: 2009-03-05 14:38:04 UTC
by Deborah Hale (Version: 1)
0 comment(s)

 

Update: It looks like Mozilla updated their information so I am updating it here.

www.mozilla.com/en-US/firefox/3.0.7/releasenotes/

 Mozilla has released version 3.0.7 of Firefox.  This release fixes several issues found in the previous version.  These fixes include several security issues, 3 Critical.. 2 High.. 1 High.. and 1 Low.  The most critical item fixed is the problem of a crash causing memory corruption.  This is a stability bug and there is concern that with effort on the bad guys part these crashes could be used to run arbitrary code.  This issue applies too Firefox, Thunderbird and SeaMonkey products.

According to Mozilla's Security Advisory MFSA2009-07

"Thunderbird shares the browser engine with Firefox and could be vulnerable if JavaScript were to be enabled in mail. This is not the default setting and we strongly discourage users from running JavaScript in mail. Without further investigation we cannot rule out the possibility that for some of these an attacker might be able to prepare memory for exploitation through some means other than JavaScript such as large images."

See www.mozilla.org/security/announce/2009/mfsa2009-07.html for more information.

Advisory MFSA-2009-08

Vulnerability in Mozilla's garbage collection process.

www.mozilla.org/security/announce/2009/mfsa2009-08.html

Advisory MFSA-2009-10

Vulnerability in PNG libraries used by Mozilla cause several memory safety hazards.

For the full list of advisories and detailed information go to:

www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.7

 

 

 

 

Keywords: Firefox browser
0 comment(s)

Wireshark 1.0.6 Released

Published: 2009-03-04
Last Updated: 2009-03-04 21:28:49 UTC
by Deborah Hale (Version: 1)
0 comment(s)

It looks like a new version of Wireshark has been released.  In this release they have fixed the bugs in Tektronix K12 and NetScreen file formats as well as some other bugs.  They have not added any new protocols with this release but have updated support for AFS, ATM, DHCPv6, DIS, E.212, RTP, UDP, USB, WCCP, WPS protocols.

http://www.wireshark.org/security/wnpa-sec-2009-01.html

They also have released an experimental package for Mac OS X 10.5.5 and above. 

For a complete list of changes you can look at the Wireshark Release Notes.

http://www.wireshark.org/docs/relnotes/wireshark-1.0.6.html

 

 

 

 

Keywords: Wireshark
0 comment(s)

Comments


Diary Archives